Blar i NTNU Open på forfatter "Cruzes, Daniela Soares"
-
A Study of Requirement Negotiation in Open Source Communities
Sulland, Magnus (Master thesis, 2010)A study of requirement handling in two Open Source communities, Qpid and Qt. Exploring how requirements are expressed and negotiated within a OSS COTS-component providing community. -
Achieving "Good Enough" Software Security: The Role of Objectivity
Tøndel, Inger Anne; Cruzes, Daniela Soares; Jaatun, Martin Gilje (Chapter, 2020)Today's software development projects need to consider security as one of the qualities the software should possess. However, overspending on security will imply that the software will become more expensive and often also ... -
AutoTrust: Automatic software package assessment using trust criteria
Morstøl, Hallvard Molin; Rynning-Tønnesen, Sverre (Master thesis, 2023)Motivasjon: Denne masteroppgaven er en studie i forsyningskjedesikkerhet for programvare. Arbeidet var motivert av økningen i programvareangrep på forsyningskjeden ved bruk av ondsinnede programvarepakker. Mål: Målet er ... -
AutoTrust: Automatic software package assessment using trust criteria
Morstøl, Hallvard Molin; Rynning-Tønnesen, Sverre (Master thesis, 2023)Motivasjon: Denne masteroppgaven er en studie i forsyningskjedesikkerhet for programvare. Arbeidet var motivert av økningen i programvareangrep på forsyningskjeden ved bruk av ondsinnede programvarepakker. ... -
Challenges and Experiences with Applying Microsoft Threat Modeling in Agile Development Projects
Cruzes, Daniela Soares; Jaatun, Martin Gilje; Bernsmed, Karin; Tøndel, Inger Anne (Journal article; Peer reviewed, 2018)The goal of secure software engineering is to create software that keeps performing as intended even when exposed to attacks. Threat modeling is considered to be a key activity, but can be challenging to perform for ... -
Collaboration Patterns among Commercial Firms in Community-Based OSS Projects
Snarby, Terje (Master thesis, 2013)Context: Open Source Software (OSS) development is a highly distributed and collaborative activity and was initially performed by developers volunteering their time and effort. During the recent years, OSS has transformed ... -
Collaborative security risk estimation in agile software development
Tøndel, Inger Anne; Jaatun, Martin Gilje; Cruzes, Daniela Soares; Williams, Laurie (Journal article; Peer reviewed, 2019)Purpose Today, agile software development teams in general do not adopt security risk-assessment practices in an ongoing manner to prioritize security work. Protection Poker is a collaborative and lightweight software ... -
Continuous software security through security prioritisation meetings
Tøndel, Inger Anne; Cruzes, Daniela Soares (Journal article; Peer reviewed, 2022) -
Coopetition of software firms in open source software ecosystems
Nguyen Duc, Anh; Cruzes, Daniela Soares; Hanssen, Geir Kjetil; Snarby, Terje; Abrahamsson, Pekka Kalevi (Journal article; Peer reviewed, 2017)Software firms participate in an ecosystem as a part of their innovation strategy to extend value creation beyond the firm’s boundary. Participation in an open and independent environment also implies the competition among ... -
Creativity as a Quality Factor in Software for Children
Hagen, Marte Hoff (Master thesis, 2021)Motivasjon: Kreativitet er forbundet med innovasjon og sammfunnsvekst og regnes som en av de viktigste egenskapene hos barn. Derfor bør alle som utvikler programvare rettet mot barn være klar over behovet for å forbedre ... -
Cybersecurity awareness for children: A systematic literature review
Quayyum, Farzana; Cruzes, Daniela Soares; Jaccheri, Maria Letizia (Peer reviewed; Journal article, 2021)Cybersecurity for children has received much attention and has become a rapidly growing topic due to the increased availability of the internet to children and their consequent exposure to various online risks. This paper ... -
Data Protection Fortification: A Data-centric Threat Modeling Method for Development Teams to Assess the Risk of Data Tampering and Support Secure Handling of External Data Sources
Gudmundsen, Espen; Kvamme, Sigrid Marita (Master thesis, 2022)Datasystemer avhenger av data for å kunne bidra til en bedre situasjonsforståelse, som tillater overvåking av ulike faktorer innen miljø, energi og i industrielle produksjonsmiljøer. Slike datasystemer avhenger ofte av ... -
Data Protection Fortification: A Data-centric Threat Modeling Method for Development Teams to Assess the Risk of Data Tampering and Support Secure Handling of External Data Sources
Gudmundsen, Espen; Kvamme, Sigrid Marita (Master thesis, 2022)Datasystemer avhenger av data for å kunne bidra til en bedre situasjonsforståelse, som tillater overvåking av ulike faktorer innen miljø, energi og i industrielle produksjonsmiljøer. Slike datasystemer avhenger ofte av ... -
Data Protection Fortification: An Agile Approach for Threat Analysis of IoT Data
Kvamme, Sigrid Marita; Gudmundsen, Espen; Oyetoyan, Tosin Daniel; Cruzes, Daniela Soares (Chapter, 2023) -
Evaluating digital creativity support for children: A systematic literature review
Hagen, Marte Hoff; Cruzes, Daniela Soares; Jaccheri, Maria Letizia; Fails, Jerry Alan (Peer reviewed; Journal article, 2023)Creativity, the process of creating something new and valuable, benefits children by improving their skills and development, encouraging interaction and engagement, and enabling the generation and expression of novel ideas. ... -
How the MITRE ATT&CK Framework can be used for Threat Modelling in the Cloud
Tran, Mai Hoang (Master thesis, 2023)Hovedmålet med masteroppgaven er å forbedre sikkerheten til skyinfrasttrukturer ved å identifisere sårbarheter og svakheter på et tidlig stadium, helst i designfasen. For å oppnå dette, foreslås en metode-artefakt som en ... -
Influencing the security prioritisation of an agile software development project
Tøndel, Inger Anne; Cruzes, Daniela Soares; JAATUN, Martin Gilje; Sindre, Guttorm (Peer reviewed; Journal article, 2022)Software security is a complex topic, and for development projects it can be challenging to assess what security is necessary and cost-effective. Agile Software Development (ASD) values self-management. Thus, teams and ... -
Information Security Incident Management: A case study about preparedness and readiness
Akhtar, Sania (Master thesis, 2014)Organisasjoner idag øker sin konkurranseevne ved stadig å benytte seg av nyere teknologi, og avhengigheten rettet til informasjonsteknologi ser bare ut til å bre seg. I dagens samfunn lagres mesteparten av informasjonen ... -
IT Security Is From Mars, Software Security Is From Venus
Tøndel, Inger Anne; JAATUN, Martin Gilje; Cruzes, Daniela Soares (Journal article, 2020) -
Prioritisation of security in agile software development projects
Tøndel, Inger Anne (Doctoral theses at NTNU;2022:285, Doctoral thesis, 2022)Agile software development is driven by business value, and strives towards visible progressthrough features. Consequently, the somewhat invisible and overarching aspect of softwaresecurity is at the risk of being neglected.A ...